* [gentoo-commits] repo/gentoo:master commit in: dev-ruby/activesupport/files/
@ 2023-07-03 22:00 Conrad Kostecki
0 siblings, 0 replies; 2+ messages in thread
From: Conrad Kostecki @ 2023-07-03 22:00 UTC (permalink / raw
To: gentoo-commits
commit: 81d7238b6f61aae4dd9f6ca62ca6db028c4a0027
Author: Michael Mair-Keimberger <mmk <AT> levelnine <DOT> at>
AuthorDate: Sun Jul 2 13:04:58 2023 +0000
Commit: Conrad Kostecki <conikost <AT> gentoo <DOT> org>
CommitDate: Mon Jul 3 22:00:17 2023 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=81d7238b
dev-ruby/activesupport: remove unused patch
Signed-off-by: Michael Mair-Keimberger <mmk <AT> levelnine.at>
Closes: https://github.com/gentoo/gentoo/pull/31709
Signed-off-by: Conrad Kostecki <conikost <AT> gentoo.org>
.../files/activesupport-7.0.4.3-ruby32.patch | 23 ----------------------
1 file changed, 23 deletions(-)
diff --git a/dev-ruby/activesupport/files/activesupport-7.0.4.3-ruby32.patch b/dev-ruby/activesupport/files/activesupport-7.0.4.3-ruby32.patch
deleted file mode 100644
index 82fc7a335e86..000000000000
--- a/dev-ruby/activesupport/files/activesupport-7.0.4.3-ruby32.patch
+++ /dev/null
@@ -1,23 +0,0 @@
-Per https://github.com/rails/rails/pull/46735#issuecomment-1352643705, this
-is just dropping a test which doesn't make sense for ruby32.
-
-https://github.com/rails/rails/issues/46712
-https://github.com/rails/rails/pull/46735
-
-From 60ffaac2e9644076e53afa1a2b1a716e289b7085 Mon Sep 17 00:00:00 2001
-From: Akira Matsuda <ronnie@dio.jp>
-Date: Thu, 15 Dec 2022 15:45:27 +0900
-Subject: [PATCH] RubyVM class serial is no longer available in Ruby 3.2
-
-since ruby/ruby@13bd617ea6fdf72467c593639cf33312a06c330c
---- a/test/executor_test.rb
-+++ b/test/executor_test.rb
-@@ -226,7 +226,7 @@ def test_hook_insertion_order
- end
-
- def test_class_serial_is_unaffected
-- skip if !defined?(RubyVM)
-+ skip if !defined?(RubyVM) || !RubyVM.stat.has_key?(:class_serial)
-
- hook = Class.new do
- define_method(:run) do
^ permalink raw reply related [flat|nested] 2+ messages in thread
* [gentoo-commits] repo/gentoo:master commit in: dev-ruby/activesupport/files/
@ 2017-08-09 6:21 Patrice Clement
0 siblings, 0 replies; 2+ messages in thread
From: Patrice Clement @ 2017-08-09 6:21 UTC (permalink / raw
To: gentoo-commits
commit: 0ab47c621f6211b455352604a9c776bbc4f601ba
Author: Michael Mair-Keimberger (asterix) <m.mairkeimberger <AT> gmail <DOT> com>
AuthorDate: Mon Aug 7 15:56:04 2017 +0000
Commit: Patrice Clement <monsieurp <AT> gentoo <DOT> org>
CommitDate: Wed Aug 9 06:21:13 2017 +0000
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0ab47c62
dev-ruby/activesupport: remove unused patch.
Closes: https://github.com/gentoo/gentoo/pull/5338
dev-ruby/activesupport/files/4-1-xml_depth.patch | 114 -----------------------
1 file changed, 114 deletions(-)
diff --git a/dev-ruby/activesupport/files/4-1-xml_depth.patch b/dev-ruby/activesupport/files/4-1-xml_depth.patch
deleted file mode 100644
index 29bc4d2ec72..00000000000
--- a/dev-ruby/activesupport/files/4-1-xml_depth.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From eb4f1d6a02e9557b97cdbed76157dc5a625cdb82 Mon Sep 17 00:00:00 2001
-From: Aaron Patterson <aaron.patterson@gmail.com>
-Date: Tue, 9 Jun 2015 11:24:25 -0700
-Subject: [PATCH] enforce a depth limit on XML documents
-
-XML documents that are too deep can cause an stack overflow, which in
-turn will cause a potential DoS attack.
-
-CVE-2015-3227
----
- activesupport/lib/active_support/xml_mini.rb | 3 +++
- activesupport/lib/active_support/xml_mini/jdom.rb | 11 ++++++-----
- activesupport/lib/active_support/xml_mini/rexml.rb | 11 ++++++-----
- 3 files changed, 15 insertions(+), 10 deletions(-)
-
-diff --git a/activesupport/lib/active_support/xml_mini.rb b/activesupport/lib/active_support/xml_mini.rb
-index 009ee4d..df7b081 100644
---- a/activesupport/lib/active_support/xml_mini.rb
-+++ b/activesupport/lib/active_support/xml_mini.rb
-@@ -78,6 +78,9 @@ module ActiveSupport
- )
- end
-
-+ attr_accessor :depth
-+ self.depth = 100
-+
- delegate :parse, :to => :backend
-
- def backend
-diff --git a/activesupport/lib/active_support/xml_mini/jdom.rb b/activesupport/lib/active_support/xml_mini/jdom.rb
-index 27c64c4..cdc5490 100644
---- a/activesupport/lib/active_support/xml_mini/jdom.rb
-+++ b/activesupport/lib/active_support/xml_mini/jdom.rb
-@@ -46,7 +46,7 @@ module ActiveSupport
- xml_string_reader = StringReader.new(data)
- xml_input_source = InputSource.new(xml_string_reader)
- doc = @dbf.new_document_builder.parse(xml_input_source)
-- merge_element!({CONTENT_KEY => ''}, doc.document_element)
-+ merge_element!({CONTENT_KEY => ''}, doc.document_element, XmlMini.depth)
- end
- end
-
-@@ -58,9 +58,10 @@ module ActiveSupport
- # Hash to merge the converted element into.
- # element::
- # XML element to merge into hash
-- def merge_element!(hash, element)
-+ def merge_element!(hash, element, depth)
-+ raise 'Document too deep!' if depth == 0
- delete_empty(hash)
-- merge!(hash, element.tag_name, collapse(element))
-+ merge!(hash, element.tag_name, collapse(element, depth))
- end
-
- def delete_empty(hash)
-@@ -71,14 +72,14 @@ module ActiveSupport
- #
- # element::
- # The document element to be collapsed.
-- def collapse(element)
-+ def collapse(element, depth)
- hash = get_attributes(element)
-
- child_nodes = element.child_nodes
- if child_nodes.length > 0
- (0...child_nodes.length).each do |i|
- child = child_nodes.item(i)
-- merge_element!(hash, child) unless child.node_type == Node.TEXT_NODE
-+ merge_element!(hash, child, depth - 1) unless child.node_type == Node.TEXT_NODE
- end
- merge_texts!(hash, element) unless empty_content?(element)
- hash
-diff --git a/activesupport/lib/active_support/xml_mini/rexml.rb b/activesupport/lib/active_support/xml_mini/rexml.rb
-index 5c7c78b..924ed72 100644
---- a/activesupport/lib/active_support/xml_mini/rexml.rb
-+++ b/activesupport/lib/active_support/xml_mini/rexml.rb
-@@ -29,7 +29,7 @@ module ActiveSupport
- doc = REXML::Document.new(data)
-
- if doc.root
-- merge_element!({}, doc.root)
-+ merge_element!({}, doc.root, XmlMini.depth)
- else
- raise REXML::ParseException,
- "The document #{doc.to_s.inspect} does not have a valid root"
-@@ -44,19 +44,20 @@ module ActiveSupport
- # Hash to merge the converted element into.
- # element::
- # XML element to merge into hash
-- def merge_element!(hash, element)
-- merge!(hash, element.name, collapse(element))
-+ def merge_element!(hash, element, depth)
-+ raise REXML::ParseException, "The document is too deep" if depth == 0
-+ merge!(hash, element.name, collapse(element, depth))
- end
-
- # Actually converts an XML document element into a data structure.
- #
- # element::
- # The document element to be collapsed.
-- def collapse(element)
-+ def collapse(element, depth)
- hash = get_attributes(element)
-
- if element.has_elements?
-- element.each_element {|child| merge_element!(hash, child) }
-+ element.each_element {|child| merge_element!(hash, child, depth - 1) }
- merge_texts!(hash, element) unless empty_content?(element)
- hash
- else
---
-2.2.1
-
-
\ No newline at end of file
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2023-07-03 22:00 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-07-03 22:00 [gentoo-commits] repo/gentoo:master commit in: dev-ruby/activesupport/files/ Conrad Kostecki
-- strict thread matches above, loose matches on Subject: below --
2017-08-09 6:21 Patrice Clement
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox